Story image

Dept of Human Services crowned winner of Government's Cyber War Games

03 Oct 17

The Australian Government’s Department of Human Services was crowned the winner in a cybersecurity competition designed especially for the country’s government agencies last week.

The Government Cyber War Games included five teams, two of which were made up of representatives from multiple departments.

The exercise, Operation First Wave, was designed as a round-robin tournament in which teams attacked and defended a specially-designed cyber range linked to a working replica Lego city.

Attackers had a series of objectives to achieve such as derailing the lego train or stopping wind model turbines, while defenders had to spot and prevent the attacks.

According to Department of Human Services CISO Narelle Devine, the aim was to get teams to throw attackers off by making them think outside the box.

“The lead changed hands several times throughout the week with ATO taking charge early on, only to be chased down by DHS, who just managed to edge out DIBP at the very end,” she comments.

“The ATO team initially set the course record with the speed with which they achieved some of their objectives, while the DIBP and AFP put up the sternest defence, holding out their opponents until the final minutes of the contest.”

She notes that both joint teams did especially well considering they had never collaborated before.

But it was not just about who won the tournament, but about the cooperation between different teams – a vital ingredient in strong cyber capabilities.

Those teams included the Department of Human Services, the Australian Taxation Office (ATO) and the Department of Immigation and Border Protection, as well as the two joint teams.

The first joint team included members from the Australian Criminal Investigation Commission, the Australian Federal Police and the Department of Health.

The second team included the Attorney-General’s Department Computer Emergency Response Team (CERT), the Australian Bureau of Statistics, Digital Transformation Agency, the Department of Defence and additional members of the ATO.

Devine says that in the event of government systems breaches, there would be ‘major ramifications’ for both Australia and individuals concerned.

 “As the custodian of personal data on almost every Australian, through Centrelink, Medicare and Child Support, the department takes security of this information extremely seriously,” Devine comments.

 “The level of engagement and collaboration the games have fostered within the government cyber security community is extremely encouraging. The department’s training facility is world class and I look forward to hosting more events and training exercises like this, ensuring our cyber defenders are at the top of their game.”

 “The feedback we have had from all the teams and spectators has been extremely positive, and the knowledge shared and inter-agency relationships formed will have ongoing benefits,” Devine concludes.

Judges included FireEye VP for customer education Admiral Patrick Walsh; Sandra Ragg – Assistant Secretary Cyber Policy, Department of the Prime Minister and Cabinet; Anthony Kitzelmann – CISO & GM Cyber Security Centre, Australian Digital Health Agency; Commodore Jeffrey Goedecke – director general Business Relationship Management, Department of Defence; Dr Jill Slay – director of Cyber Resilience, Australian Computer Society (ACS); Eshan Dissanayake – head of IT Security, Coles division of Wesfarmers; and James Turner – head of CISO Lens.

Hillstone CTO's 2019 security predictions
Hillstone Networks CTO Tim Liu shares what key developments could be expected in the areas of security compliance, cloud, security, AI and IoT.
Can it be trusted? Huawei’s founder speaks out
Ren Zhengfei spoke candidly in a recent media roundtable about security, 5G, his daughter’s detainment, the USA, and the West’s perception of Huawei.
Oracle Java Card update boosts security for IoT devices
"Java Card 3.1 is very significant to the Internet of Things, bringing interoperability, security and flexibility to a fast-growing market currently lacking high-security and flexible edge security solutions."
Sophos hires ex-McAfee SVP Gavin Struther
After 16 years as the APAC senior vice president and president for McAfee, Struthers is now heading the APJ arm of Sophos.
Security platform provider Deep Instinct expands local presence
The company has made two A/NZ specific leadership hires and formed several partnerships with organisations in the region.
Half of companies unable to detect IoT device breaches
A Gemalto study also shows that the of blockchain technology to help secure IoT data, services and devices has doubled in a year.
Stepping up to sell security services in A/NZ
WatchGuard Technologies A/NZ regional director gives his top tips on how to make a move into the increasingly lucrative cybersecurity services market.
Huawei founder publically denies spying allegations
“After all the evidence is made public, we will rely on the justice system.”